diff --git a/AUTHORS b/AUTHORS
index cd1bb2002f..cd136fe06c 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -221,6 +221,7 @@ answer newbie questions, and generally made Django that much better:
Aaron Swartz
Ville Säävuori
Tyson Tate
+ Frank Tegtmeyer
thebjorn
Zach Thompson
Tom Tobin
diff --git a/django/contrib/sessions/models.py b/django/contrib/sessions/models.py
index 77718407e1..521a2abee9 100644
--- a/django/contrib/sessions/models.py
+++ b/django/contrib/sessions/models.py
@@ -1,4 +1,4 @@
-import base64, md5, random, sys, datetime
+import base64, md5, random, sys, datetime, os, time
import cPickle as pickle
from django.db import models
from django.utils.translation import gettext_lazy as _
@@ -14,9 +14,9 @@ class SessionManager(models.Manager):
def get_new_session_key(self):
"Returns session key that isn't being used."
# The random module is seeded when this Apache child is created.
- # Use person_id and SECRET_KEY as added salt.
+ # Use SECRET_KEY as added salt.
while 1:
- session_key = md5.new(str(random.randint(0, sys.maxint - 1)) + str(random.randint(0, sys.maxint - 1)) + settings.SECRET_KEY).hexdigest()
+ session_key = md5.new("%s%s%s%s" % (random.randint(0, sys.maxint - 1), os.getpid(), time.time(), settings.SECRET_KEY)).hexdigest()
try:
self.get(session_key=session_key)
except self.model.DoesNotExist: